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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. .See 37 CFR 1.704(b). 

Status 

1 )E3 Responsive to communication(s) filed on 13 May 2002 , 
2a)D This action is FINAL. 2b)S This action is non-final. . . 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 1-36 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) KI ClaimCs)!^ is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 13 November 2000 is/are: a)D accepted or b)[3 objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d), 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§119 and 120 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 

a)GD All b)D Some**c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) D The translation of the foreign language provisional application has been received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1 .78. 
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DETAILED ACTION 

Claims 1-36 are pending in this office action. 

Papers Received 

1 . Oath/Declaration and associated Fees were received on 05/10/01 . 

Information Disclosure Statement 

2. The information disclosure statements (IDS) submitted on 12/14/00, 05/22/01 
and 05/26/01 were considered by the examiner. 

Drawings 

3. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they do not include the following reference sign(s) mentioned in the 
description: On page 17 line 18, reference number 395 is not in Fig. 4. A proposed 
drawing correction or corrected drawings are required in reply to the Office action to 
avoid abandonment of the application. The objection to the drawings will not be held in 
abeyance. 

Specification 

4. Please provide the Serial/Patent Number for any referenced Applications or 
Patents that were left blank. 
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5. The disclosure is objected to because of the following informalities: The 
disclosure makes numerous references to both a "tunnel selection configuration 
override attribute" and a "domain configuration override attribute". Although a general 
association can be made, it is not made explicitly clear the difference between the two 
in form or use or if they both exist in a profile. This is more of an issue when they are 
used in describing a single embodiment such as on page 17 lines 10-23 and on page 21 
lines 6-23. 

Appropriate correction is required. 

Claim Objections 

6. Claim 29 is objected to because of the following informalities: RADIUS is more 
commonly referenced as "Remote Authentication..." instead of "Remote 
Authorization...". This also applies to the Applicant's specification on page 16 lines 10- 
1 1 . Appropriate correction is required. 

7. Claims 31-36 are objected to because of the following informalities: The 
examiner believes Claims 31-36 include typographical errors in respect to their Claim 
dependencies. Therefore, Claims 31-36 will be interpreted as being ultimately 
dependent on independent Claim 30 instead of independent Claim 22. Furthermore, 
Claims 31-36 will be interpreted to have proper dependencies between themselves as 
reflected in previous proper dependent claims. Appropriate correction is required. 
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Claim Rejections - 35 USC §112 

8. The following is a quotation of the first paragraph of 35 U.S.C. 1 1 2: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

9. Claims 3, 10 and 17 are rejected under 35 U.S.C. 112, first paragraph, as failing 
to comply with the enablement requirement. The claim(s) contains subject matter which 
was not described in the specification in such a way as to enable one skilled in the art to 
which it pertains, or with which it is most nearly connected, to make and/or use the 
invention. Each of these Claims describe disconnecting the subscriber "from all then 
existing connections" based on the existence of the domain configuration attribute and 
the matching of the domain identifier to the service associated with the domain 
configuration override attribute. Although the specification does support checking for 
the domain configuration override attribute and the matching function, there is no 
support for disconnecting the subscriber "from all then existing connections" based on 
the result of these or any conditions. 

10. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

11. Claims 3, 4, 10, 11, 17, 18, 25 and 26 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 
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12. Claims 3, 10 and 17 each recite the limitation "all then existing network 
connections". There is insufficient antecedent basis for this limitation in the claim. 

13. Claims 4, 1 1 and 18 each recite the limitation "said service request". There is 
insufficient antecedent basis for this limitation jn the claim. 

14. Claim 25 recites the limitation "said PPP session" in line 2. There is insufficient 
antecedent basis for this limitation in the claim. 

15. Claim 26 recites the limitation "said tunneling session" in line 1 . There is 
insufficient antecedent basis for this limitation in the claim. 

1 6. Note: The examiner assumes the 1 1 2 rejections for Claims 25 and 26 are the 
result of typographical error and will interpret their dependencies as Claim 24 and 25 
respectively in any further rejections. 

Claim Rejections - 35 USC § 103 

17. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability Shall not be negatived by the manner in which the invention was made. 

18. Claims 1-4,8-11 and 15-18 rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent 6,044,402 by Jacobson et al. (Jacobson) in view of U.S. 
Patent 6,466,976 by Alles et al. (Alles). 

19. With respect to Claim 1 , Jacobson teaches a method for controlling subscriber 
access (Col. 2 lines 7-17) in a network capable of establishing connections with a 
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plurality of services (Col. 3 lines 57-63), comprising: receiving a communication from a 
subscriber using a first communication network coupled to a second communication 
network (Col. 3 lines 8-25 and lines 44-56), said communication optionally including a 
domain identifier associated with a service on said second communication network (Col. 
11 lines 12-23); and authorizing said subscriber to access a service on said second 
communication network (Col. 14 lines 35-40), said authorizing based upon a domain 
configuration override attribute associated with a source of a communication from a 
subscriber (Col. 14 lines 40-45 and Col. 18 lines 41-53). Jacobson does not explicitly 
disclose the use of virtual circuits to receive communications and to use in accessing a 
service. Alles teaches that communication networks may be virtual networks (Col. 1 
lines 53-60) and that services on these networks may need to be authorized (Col. 1 
lines 60-63). Alles further teaches one can uniquely identify the virtual circuit used to 
receive a communication from a subscriber and base authorization on associations of 
the identified circuit (Col. 9 lines 6-1 5). It would have been obvious to one of ordinary 
skill in the art at the time the invention was made to take the method disclosed by 
Jacobson and modify it as indicated by Alles such that the method further comprises 
authorizing said subscriber to access a service on said second communication network 
using one of a plurality of virtual circuits, said authorizing based upon a domain 
configuration override attribute associated with the virtual circuit used to receive said 
communication from said subscriber. One would be motivated to have this since there 
is need for a method that enables the provision of different authorization policies to 
different subscribers or channels (Col. 2 lines 26-30 and Col. 10 lines 36-40). 
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20. With respect to Claim 2, Jacobson in view of Alles teaches all the limitations of 
Claim 1 and further teaches said authorizing further comprises: receiving from a 
memory a virtual circuit profile associated with said virtual circuit (Col. 9 lines 12-15 of 
Alles); assessing said virtual circuit profile to determine if a domain configuration 
override attribute exists within said virtual circuit profile (Col. 14 lines 40-45 and Col. 18 
lines 42-46 of Jacobson); and allowing said subscriber to connect exclusively to a 
service associated with said domain configuration override attribute when said domain 
configuration override attribute exists within said virtual circuit profile (Col. 15 line 66 to 
Col. 16 line 8 of Jacobson). 

21 . With respect to Claim 3, Jacobson in view of Alles teaches all the limitations of 
Claim 2 and further teaches causing the subscriber to disconnect from all then existing 
network connections when said domain configuration override attribute exists within 
said virtual circuit profile and when said domain identifier in said communication does 
not match said service associated with said domain configuration override attribute (Col. 
15 line 66 to Col. 16 line 8 of Jacobson). 

22. With respect to Claim 4, Jacobson in view of Alles teaches all the limitations of 
Claim 2 and further teaches said service request comprises a Point-to-Point Protocol 
(PPP) session service request (Col. 6 lines 53-64 of Alles). 

23. With respect to Claim 8, Jacobson teaches a program storage device readable 
by a machine, embodying a program of instructions executable by the machine to 
perform a method to control subscriber access (Col. 2 lines 7-17) in a network capable 
of establishing connections with a plurality of services (Col. 3 lines 57-63), the method 
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comprising: receiving a communication from a subscriber using a first communication 
network coupled to a second communication network (Col. 3 lines 8-25 and lines 44- 
56), said communication optionally including a domain identifier associated with a 
service on said second communication network (Col. 11 lines 12-23); and authorizing 
said subscriber to access a service on said second communication network (Col. 14 
lines 35-40), said authorizing based upon a domain configuration override attribute 
associated with a source of a communication from a subscriber (Col. 14 lines 40-45 and 
Col. 18 lines 41-53). Jacobson does not explicitly disclose the use of virtual circuits to 
receive communications and to use in accessing a service. Alles teaches that 
communication networks may be virtual networks (Col. 1 lines 53-60) and that services 
on these networks may need to be authorized (Col. 1 lines 60-63). Alles further teaches 
one can uniquely identify the virtual circuit used to receive a communication from a 
subscriber and base authorization on associations of the identified circuit (Col. 9 lines 6- 
1 5). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to take the method disclosed by Jacobson and modify it as 
indicated by Alles such that the method further comprises authorizing said subscriber to 
access a service on said second communication network using one of a plurality of 
virtual circuits, said authorizing based upon a domain configuration override attribute 
associated with the virtual circuit used to receive said communication from said 
subscriber. One would be motivated to have this since there is need for a method that 
enables the provision of different authorization policies to different subscribers or 
channels (Col. 2 lines 26-30 and Col. 10 lines 36-40). 
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24. With respect to Claim 9, Jacobson in view of Alles teaches all the limitations of 
Claim 8 and further teaches said authorizing further comprises: receiving from a 
memory a virtual circuit profile associated with said virtual circuit (Col. 9 lines 12-15 of 
Alles); assessing said virtual circuit profile to determine if a domain configuration 
override attribute exists within said virtual circuit profile (Col. 14 lines 40-45 and Col. 18 
lines 42-46 of Jacobson); and allowing said subscriber to connect exclusively to a 
service associated with said domain configuration override attribute when said domain 
configuration override attribute exists within said virtual circuit profile (Col. 15 line 66 to 
Col. 16 line 8 of Jacobson). 

25. With respect to Claim 10, Jacobson in view of Alles teaches all the limitations of 
Claim 9 and further teaches causing the subscriber to disconnect from all then existing 
network connections when said domain configuration override attribute exists within 
said virtual circuit profile and when said domain identifier in said communication does 
not match said service associated with said domain configuration override attribute (Col. 
15 line 66 to Col. 16 line 8 of Jacobson). 

26. With respect to Claim 1 1 , Jacobson in view of Alles teaches all the limitations of 
Claim 9 and further teaches said service request comprises a Point-to-Point Protocol 
(PPP) session service request (Col. 6 lines 53-64 of Alles). 

27. With respect to Claim 1 5, Jacobson teaches a an apparatus for controlling 
subscriber access (Col. 2 lines 7-17) in a network capable of establishing connections 
with a plurality of services (Col. 3 lines 57-63), the apparatus comprising: means for 
receiving a communication from a subscriber using a first communication network 
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coupled to a second communication network (Col. 3 lines 8-25 and lines 44-56), said 
communication optionally including a domain identifier associated with a service on said 
second communication network (Col. 1 1 lines 12-23); and means for authorizing said 
subscriber to access a service on said second communication network (Col. 14 lines 
35-40), said authorizing based upon a domain configuration override attribute 
associated with a source of a communication from a subscriber (Col. 14 lines 40-45 and 
Col. 18 lines 41-53). Jacobson does not explicitly disclose the use of virtual circuits to 
receive communications and to use in accessing a service. Alles teaches that 
communication networks may be virtual networks (Col. 1 lines 53-60) and that services 
on these networks may need to be authorized (Col. 1 lines 60-63). Alles further teaches 
one can uniquely identify the virtual circuit used to receive a communication from a 
subscriber and base authorization on associations of the identified circuit (Col. 9 lines 6- 
1 5). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to take the apparatus disclosed by Jacobson and modify it as 
indicated by Alles such that the apparatus further comprises means for authorizing said 
subscriber to access a service on said second communication network using one of a 
plurality of virtual circuits, said authorizing based upon a domain configuration override 
attribute associated with the virtual circuit used to receive said communication from said 
subscriber. One would be motivated to have this since there is need for a method that 
enables the provision of different authorization policies to different subscribers or 
channels (Col. 2 lines 26-30 and Col. 10 lines 36-40). 
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28. With respect to Claim 16, Jacobson in view of Alles teaches all the limitations of 
Claim 15 and further teaches said means for authorizing further comprises: means for 
receiving from a memory a virtual circuit profile associated with said virtual circuit (Col. 9 
lines 12-15 of Alles); means for assessing said virtual circuit profile to determine if a 
domain configuration override attribute exists within said virtual circuit profile (Col. 14 
lines 40-45 and Col. 18 lines 42-46 of Jacobson); and means for allowing said 
subscriber to connect exclusively to a service associated with said domain configuration 
override attribute when said domain configuration override attribute exists within said 
virtual circuit profile (Col. 15 line 66 to Col. 16 line 8 of Jacobson). 

29. With respect to Claim 17, Jacobson in view of Alles teaches all the limitations of 
Claim 1 6 and further teaches means for causing the subscriber to disconnect from all 
then existing network connections when said domain configuration override attribute 
exists within said virtual circuit profile and when said domain identifier in said 
communication does not match said service associated with said domain configuration 
override attribute (Col. 15 line 66 to Col. 16 line 8 of Jacobson). 

30. With respect to Claim 18, Jacobson in view of Alles teaches all the limitations of 
Claim 16 and further teaches said service request comprises a Point-to-Point Protocol 
(PPP) session service request (Col. 6 lines 53-64 of Alles). 
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31. Claims 5-7, 12-14 and 19-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Jacobson in view of Alles as applied to claims 1-4, 8-11 and 15-18 
above, and further in view of U.S. Patent 6,094,437 by Loehndorf, Jr. et al. (Loehndorf). 

32. With respect to Claim 5, Jacobson in view of Alles teaches all the limitations of 
Claim 4 but does not explicitly disclose the PPP session comprising a tunnel session 
and assigning a tunnel ID. Loehndorf teaches a PPP session may comprise a tunnel 
session (Col. 2 line 66 - Col. 3 line 7), and that a tunnel ID can be assigned (Col. 1 1 
lines 36-40 and lines 60-61 ). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to take the method disclosed by Jacobson in 
view of Alles and. modify it as indicated by Loehndorf such that said PPP session 
comprises a tunneling session; and said allowing further comprises assigning a tunnel 
ID. One would be motivated to have this as tunneling is commonly used to securely 
send data between networks and to provide needed or improved functionality (Col. 1 
lines 33-46). 

33. With respect to Claim 6, Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 5 and further teaches said tunneling 
session comprises an L2TP session (Col. 2 line 66 - Col. 3 line 7 of Loehndorf). 

34. With respect to Claim 7, Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 6 and further teaches said receiving a 
virtual circuit profile further comprises performing a table lookup based upon a Virtual 
Path Identifier (VPI) Virtual Channel Identifier (VCI) associated with said virtual circuit 
(Col. 9 lines 6-1 5' of Alles). 
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35. With respect to Claim 12, Jacobson in view of Alles teaches all the limitations of 
Claim 1 1 but does not explicitly disclose the PPP session comprising a tunnel session 
and assigning a tunnel ID. Loehndorf teaches a PPP session may comprise a tunnel 
session (Col. 2 line 66 - Col. 3 line 7), and that a tunnel ID can be assigned (Col. 1 1 
lines 36-40 and lines 60-61 ). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to take the program storage device disclosed by 
Jacobson in view" of Alles and modify it as indicated by Loehndorf such that said PPP 
session comprises a tunneling session; and said allowing further comprises assigning a 
tunnel ID. One would be motivated to have this as tunneling is commonly used to 
securely send data between networks and to provide needed or improved functionality 
(Col. 1 lines 33-46). 

36. With respect to Claim 13, Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 12 and further teaches said tunneling 
session comprises an L2TP session (Col. 2 line 66 - Col. 3 line 7 of Loehndorf). 

37. With respect to Claim 14, Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 13 and further teaches said receiving a 
virtual circuit profile further comprises performing a table lookup based upon a Virtual 
Path Identifier (VPI) Virtual Channel Identifier (VCI) associated with said virtual circuit 
(Col. 9 lines 6-15 of Alles). 

38. With respect to Claim 19, Jacobson in view of Alles teaches all the limitations of 
Claim 18 but does not explicitly disclose the PPP session comprising a tunnel session 
and assigning a tunnel ID. Loehndorf teaches a PPP session may comprise a tunnel 
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session (Col. 2 line 66 - Col. 3 line 7), and that a tunnel ID can be assigned (Col. 1 1 
lines 36-40 and lines 60-61 ). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to take the apparatus disclosed by Jacobson in 
view of Alles and modify it as indicated by Loehndorf such that said PPP session 
comprises a tunneling session; and said means for allowing further comprises assigning 
a tunnel ID. One would be motivated to have this as tunneling is commonly used to 
securely send data between networks and to provide needed or improved functionality 
(Col. 1 lines 33-46). 

39. With respect to Claim 20, Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 19 and further teaches said tunneling 
session comprises an L2TP session (Col. 2 line 66 - Col. 3 line 7 of Loehndorf). 

40. With respect to Claim 21 , Jacobson in view of Alles and in further view of 
Loehndorf teaches all the limitations of Claim 20 and further teaches said receiving a 
virtual circuit profile further comprises performing a table lookup based upon a Virtual 
Path Identifier (VPl) Virtual Channel Identifier (VCI) associated with said virtual circuit 
(Col. 9 lines 6-1 5 of Alles). 

41. Claims 22-24 and 30-32 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Alles in view of Jacobson. 

42. With respect to Claim 22, Alles teaches an access server capable of forcing 
subscribers of a communications system to gain access exclusively to a domain 
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network associated with a virtual circuit (Col. 1 lines 53-63), said access server 
comprising: an authorizer capable of granting service authorization to said subscribers 
based upon a virtual circuit used to make a service request (Col. 9 lines 6-15 and Col. 1 
lines 53-63); a virtual circuit profile request generator capable of generating virtual 
circuit profile requests (Col. 9 lines 6-15); an assessor capable of assessing said 
requested virtual circuit profile (Col. 9 lines 6-15 and Col. 10 lines 36-40); and a 
calculator capable of determining whether the service associated with said virtual circuit 
matches the service associated with service policies (Col. 9 lines 6-15 and Col. 10 lines 
57-65). Alles further teaches a subscriber source is uniquely identified by a 
corresponding virtual circuit (Col. 9 lines 6-15 and Col. 10 lines 57-64). Alles does not 
explicitly disclose the use of a domain configuration override attribute in association with 
a virtual circuit and the use of a domain configuration override attribute in the service 
policies. Jacobson teaches the use of a domain configuration override attribute in 
association with a subscriber source (Col. 14 lines 40-45 and Col. 18 lines 41-53) and 
the use of a domain configuration override attribute in a service policy for use in 
matching a service request to an associated service in the service policy (Col. 15 line 66 
- Col. 16 line 8). It would have been obvious to one of ordinary skill in the art at the 
time the invention was made to take the access server disclosed by Alles and modify it 
as indicated by Jacobson such that the access server further comprises an assessor 
capable of assessing said requested virtual circuit profile for a domain configuration 
override attribute and a calculator capable of determining whether the service 
associated with said virtual circuit matches the service associated with said domain 
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configuration override attribute. One would be motivated to have this since there is 
need for a flexible system that enables the provision of different authorization policies to 
different subscribers or channels (Col. 2 lines 26-30 and Col. 10 lines 36-40 of Alles). 

43. With respect to Claim 23, Alles in view of Jacobson teaches all the limitations of 
Claim 22 and further teaches a receiving interface capable of accepting said service 
requests (Col. 6 line 52 - Col. 7 line 6 of Alles); a forwarding interface capable of 
sending said virtual circuit profile requests to a memory bank (Col. 9 lines 6-15 of Alles); 
and a second receiving interface capable of accepting requested virtual circuit profiles 
(Col. 9 lines 6-15 of Alles). 

44. With respect to Claim 24, Alles in view of Jacobson teaches all the limitations of 
Claim 22 and further teaches said service request comprises a Point-to-Point Protocol 
(PPP) session service request (Col. 6 lines 52-57). 

45. With respect to Claim 30, Alles teaches an access server capable of forcing 
subscribers of a communications system to gain access exclusively to a domain 
network associated with a virtual circuit (Col. 1 lines 53-63), said access server 
comprising: a memory device capable of storing a plurality of virtual circuit profiles, said 
virtual circuit profile having a service policy associated with subscriber authorized 
services (Col. 9 lines 6-15 and Col. 7 lines 51-6), an authorizer capable of granting 
service authorization to said subscribers based upon a virtual circuit used to make a 
service request (Col. 9 lines 6-15 and Col. 1 lines 53-63); a virtual circuit profile request 
generator capable of generating virtual circuit profile requests (Col. 9 lines 6-15); an 
assessor capable of assessing said requested virtual circuit profile (Col. 9 lines 6-15 
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and Col. 10 lines 36-40); and a calculator capable of determining whether the service 
associated with said virtual circuit matches the service associated with service policies 
(Col. 9 lines 6-15 and Col. 10 lines 57-65). Alles further teaches a subscriber source is 
uniquely identified by a corresponding virtual circuit (Col. 9 lines 6-15 and Col. 10 lines 
57-64). Alles does not explicitly disclose the use of a domain configuration override 
attribute in association with a virtual circuit and the use of a domain configuration 
override attribute in the service policies in relation to subscriber authorized services. 
Jacobson teaches the use of a domain configuration override attribute in association 
with a subscriber source and authorized services (Col. 14 lines 40-45 and Col. 18 lines 
41-53) and the use of a domain configuration override attribute in a service policy for 
use in matching a service request to an associated service in the service policy (Col. 15 
line 66 - Col. 1 6 line 8). It would have been obvious to one of ordinary skill in the art at 
the time the invention was made to take the access server disclosed by Alles and 
modify it as indicated by Jacobson such that the access server further comprises a 
memory device capable of storing a plurality of virtual circuit profiles, said virtual circuit 
profiles capable of having a domain configuration override attribute associated with 
subscriber authorized services, an assessor capable of assessing said requested virtual 
circuit profile for a domain configuration override attribute and a calculator capable of 
determining whether the service associated with said virtual circuit matches the service 
associated with said domain configuration override attribute. One would be motivated 
to have this since there is need for a flexible system that enables the provision of 
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different authorization policies to different subscribers or channels (Col. 2 lines 26-30 
and Col. 1 0 lines 36-40 of Alles). 

46. With respect to Claim 31 , Alles in view of Jacobson teaches all the limitations of 
Claim 30 and further teaches a receiving interface capable of accepting said service 
requests (Col. 6 line 52 - Col. 7 line 6 of Alles); a forwarding interface capable of 
sending said virtual circuit profile requests to a memory bank (Col. 9 lines 6-15 of Alles); 
and a second receiving interface capable of accepting requested virtual circuit profiles 
(Col. 9 lines 6-1 5* of Alles). 

47. With respect to Claim 32 t Alles in view of Jacobson teaches all the limitations of 
Claim 30 and further teaches said service request comprises a Point-to-Point Protocol 
(PPP) session service request (Col. 6 lines 52-57). 

48. Claims 25-28 and 33-36 rejected under 35 U.S.C. 103(a) as being unpatentable 
over Alles in view of Jacobson as applied to Claims 22-24 and 30-32 above, and further 
in view of Loehndorf. 

49. Note: As stated earlier, Claims 25-28 and 33-36 are rejected based on what the 
examiner believes the Claim dependencies were intended to be. 

50. With respect to Claim 25, Alles in view of Jacobson teaches all the limitations of 
Claim 24 but does not explicitly disclose the PPP session comprising a tunnel session 
and assigning a tunnel ID. Loehndorf teaches a PPP session may comprise a tunnel 
session (Col. 2 line 66 - Col. 3 line 7), and that a tunnel ID can be assigned (Col. 1 1 
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lines 36-40 and lines 60-61 ). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to take the access server disclosed by Alles in 
view of Jacobson and modify it as indicated by Loehndorf such that said PPP session 
comprises a tunneling session; and said calculator is capable of assigning a tunnel ID. 
One would be motivated to have this as tunneling is commonly used to securely send 
data between networks and to provide needed or improved functionality (Col. 1 lines 33- 
46). 

51 . With respect to Claim 26, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 25 and further teaches said tunneling 
session comprises an L2TP session (Col. 2 line 66 - Col. 3 line 7 of Loehndorf). 

52. With respect to Claim 27, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 20 and further teaches said assessor is 
capable of performing a table lookup based upon a Virtual Path Identifier (VPI) Virtual 
Channel Identifier (VCI) associated with said virtual circuit (Col. 9 lines 6-15 of Alles). 

53. With respect to Claim 28, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 27 and further teaches said receiving 
interface comprises at least one access multiplexer, each access multiplexer having a 
plurality of inputs for receiving a service request (Col. 6 lines 52-64 of Alles), each of 
said inputs being associated with a particular subscriber virtual circuit (Col. 9 lines 6- 
15). 

54. With respect to Claim 33, Alles in view of Jacobson teaches all the limitations of 
Claim 32 but does not explicitly disclose the PPP session comprising a tunnel session 
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and assigning a tunnel ID. Loehndorf teaches a PPP session may comprise a tunnel 
session (Col. 2 line 66 - Col. 3 line 7), and that a tunnel ID can be assigned (Col. 1 1 
lines 36-40 and lines 60-61). It would have been obvious to one of ordinary skill in the 
art at the time the invention was made to take the access server disclosed by Alles in 
view of Jacobson and modify it as indicated by Loehndorf such that said PPP session 
comprises a tunneling session; and said calculator is capable of assigning a tunnel ID. 
One would be motivated to have this as tunneling is commonly used to securely send 
data between networks and to provide needed or improved functionality (Col. 1 lines 33- 
46). 

55. With respect to Claim 34, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 33 and further teaches said tunneling 
session comprises an L2TP session (Col. 2 line 66 - Col. 3 line 7 of Loehndorf). 

56. With respect to Claim 35, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 34 and further teaches said assessor is 
capable of performing a table lookup based upon a Virtual Path Identifier (VPI) Virtual 
Channel Identifier (VCI) associated with said virtual circuit (Col. 9 lines 6-15 of Alles). 

57. With respect to Claim 36, Alles in view of Jacobson and in further view of 
Loehndorf teaches all the limitations of Claim 35 and further teaches said receiving 
interface comprises at least one access multiplexer, each access multiplexer having a 
plurality of inputs for receiving a service request (Col. 6 lines 52-64 of Alles), each of 
said inputs being associated with a particular subscriber virtual circuit (Col. 9 lines 6- 
15). 
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58. Claim 29 rejected under 35 U.S.C. 103(a) as being unpatentable over Alles in 
view of Jacobson as applied to Claim 23 above, and further in view of Applicant's 
admitted prior art. Alles in view of Jacobson teaches all the limitations of Claim 23 but 
does not explicitly disclose the use of RADIUS protocol. However, Applicant admits that 
the RADIUS protocol is well known in the art (Page 16 lines 8-12). It would have be 
obvious to one of ordinary skill in the art at the time the invention was made to take the 
access server disclosed by Alles in view of Jacobson and modify it as indicated by 
Applicant's admitted prior art such that said memory bank and said access server 
communicate using the Remote Authorization Dial-In User Service (RADIUS) protocol. 
One would be motivated to do this since it is well known in the art as admitted by the 
Applicant. 

Conclusion 

59. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

60. U.S. Patent 5,949,755 by Uphadya et al. "ATM Emulated Path Protection" 
September 7, 1999 

61. U.S. Patent 6,154,775 by Coss et al. "Methods and apparatus for a computer 
network firewall with dynamic rule processing with the ability to dynamically alter the 
operations of rules" November 28, 2000 

62. U.S. Patent 6,236,655 by Caldara et al. "Port and link identification" May 22, 
2001 
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63. U.S. Patent 6,412,003 by Melen et al. "System and method for accessing 
services" June 25, 2002 

64. U.S. Patent 6,438,612 by Ylonen et al. "Method and arrangement for secure 
tunneling of data between virtual routers" August 20, 2002 

65. U.S. Patent 6,609,153 by Salkewicz "Domain isolation through virtual network 
machines" August 1 9, 2003 

66. U.S. Patent 6,651 ,096 by Gai et al. "Method and apparatus for organizing, 
storing, and evaluating access control lists" November 18, 2003 

67. U.S. Patent 6,654,792 by Verma et al. "Method and architecture for logical 
aggregation of multiple servers" November 25, 2003 

68. Xu, Jun and Singhal, Mukesh. "Design and evaluation of a high-performance 
ATM firewall switch and its applications" June, 1999, IEEE Journal on selected areas in 
communications, Vol. 17, no. 6, pp. 1190-1200 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David Lazaro whose telephone number is 703-305- 
4868. The examiner can normally be reached on 8:30-5:00 M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hosain Alam can be reached on 703-308-6662. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




David Lazaro 
February 3, 2004 
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